Iexplore.exe error. It's right there!

Page 2 - Seeking answers? Join the Tom's Hardware community: where nearly two million members share solutions and discuss the latest tech.
Toggle sidebar Toggle sidebar
Following up with some new info, I stumbled across this post in a forum that may help any of you who are still have issues cleaning any last traces out:

How to remove klomp.exe (also known as qdbon.dll).

I had a problem starting Internet Explorer, but this solved it:

1. First, remove, using HiJackThis, registry input C:\WINDOWS\system32\xwr63956.dll

2. Using regedit, remove registry-key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iexplorer.exe.

3. Finally delete these files from windows/system32:
xwr63956.dll, wr63956.dll, xa?Huh?.exe (files starting with the letters "xa") and qdbon.dll.

I wasn't able to find any of the listed .dll files in my system, nor the klomp.exe, as it seems my scans have eliminated those (HiJackThis, Malwarebytes, and AVG). However, I did find six of the xa---------.exe files and they are as follows:

xa50186109.exe
xa50186312.exe
xa50227687.exe
xa50227890.exe
xa50286734.exe
xa50286937.exe

I've deleted those files and I'll update if they return. All six were created within one minute in the system32 folder at the time I started having my IE issue, so make sure to eliminate those as well.
 
Read my post above, it's you answer, please if there are any people who think they are smart, dont be stupid and just reinstall your windows.

It will only cost you time if you are gonna put research in it, but it wont help you, this is one of the most advanced trojan.horse i ever got on my PC in years !!!
 
Just wanted to share that we tried these methods. We had run numerous cleaners (AVG, AVG Rootkit, Spy sweeper, Spyware doctor, hijackthis, malwarebytes, superantispyware, spybot, ad-aware) but none seemed able to resolve the issue completely.

Likely the culprit *.DLLs were removed by the cleaners, but Windows still could not find iexplore.exe.

But this step:



proved to be the solution. It had "ropfnqz.exe" as a target, likely a randomly generated filename that was no longer there. So, by removing the key the "hijack" is gone, and all seems well.


And RDCMrT, there are new and advanced trojans every day, but if we give up and reinstall every time, they will win. Surrender is not an option. Sometimes reinstall is not an option. It's research like this that in the end helps resolve so many infections and problems out there, that contributes to future solutions and keeps us from falling under the heels of these miscreants creating these infections. And the determined men and women resolving these problems with seemingly tireless effort -- unsung heroes of a digital age.


 
JEZUS READ MY POST ABOVE THESE.

People are still thinking they have a solution, but here's a new one: THERE IS NO SOLUTION !!!

So if you have this virus/problem just reinstall windows before the virus damages any internal hardware like your HD !!!
 


Oh yeah and for u.

What is this all about, even the hardest anti-virus/spyware software developers gave up this virus, even the hardest virus/spyware scanners wont find the virus, and even if they find it, they will mess up your windows install.

So there is no other option then reinstall your windows.

Come on dude go cry about something else, it even is recommended to reinstall your windows every 6 months, not even the most crazy idea because after 6 months your pc is bursting because of all the cookies and other crap from the internet.

Come on dude admit it is very pathetic what you wrote above, go worry about your real life and the things that will happen there, i just cant believe somebody can make sutch a commotion about a windows reinstall.
Sorry i just think you pathetic thats all !!!

By the way: just back-up all you data and you won't even suffer from data-loss.

I think you just in life a virtual world too mutch my dear friend, have a nice day !
 
http://www.threatexpert.com/report.aspx?md5=90562378c8c4a5334687990fc7d10284

It certainly is removable... for those that know what they're doing. While a reload is the simplest solution, it is by no means the only solution. The insults are completely unnecessary... not everyone gives up without a fight.

Besides, if you remove all traces of the virus, then do a repair install, you can avoid a complete format and reload... as long as too much damage hasn't been done. Sometimes too much damage is done and a reload is needed, but not always.

When you say "the hardest virus/spyware scanners", which ones are you referring to specifically? Sophos seems to be capable of removing it, and I'm sure there are others. Don't make the mistake of assuming that Norton, McAffee, AVG and Avast! are the only antivirus progams out there.

I prefer to reload my PC as little as possible... I may do it once a year or maybe less. I have never had an issue with viruses. People don't like reloading Windows when they don't have to... even if they have a back-up available. It's a time-consuming process and not everyone has the time. Yes, sometimes it has to be done... but why do it when you don't have to?
 


Well actually i wasn't referring to any of those programs, i was talking about ad-aware 2008, best anti virus i used ever.

And the virus u are referring to, isn't the exact same virus were talking about here i think, it misses some files and it says nothing about the modification is makes with the ieexplorer.exe file, and to let it come back after
removal.

And yeh you are right it can be removed ... well it says on the internet and in theory, but when it comes to removal, dude thrust me for the fourth time: "IT CANT BE REMOVED", and about the repair install thrust me: "IT DOESN'T WORK" i tested it myself.

And oh yeah when removed, because you say it can be removed, my PC needed 10 minutes and 6 seconds (yeah i timed it) to start-up and to shut- down, so if you guys believe it can be removed allright, or be removed without damage to your system and you won't need to do a windows reinstall fine but then you will be the dumbest ass ever.
 


I can assure you that it can be removed, I was infected at the start of Jan, been clean now for 4 weeks... similar steps to those above...

As for "ad-aware 2008, best anti virus i used ever" that kind of explains why you couldnt clean it... ad-aware is not anti-virus software, it removed ad-ware... which is completly different.

Reinstalls really are a last resort, as for reinstalling every 6 months? I dont know who you are quoting but the last time I heard similar advice it was regarding windows 98... and it was bad advice then! windows has come along way in the last 10 yesrs, if you are carefull and learn how to maintain your installation properly there is no reason to re-install so frequently.


If you are infected, All I can say is that following the tips above will get you sorted, keep with it, reinstall if you *have to* but you certinally dont need to for this!
 
Hey Everyone,

I'm worried I have it bad! I can't find my System32 folder! I went to my c drive to find it but it wasn't there, I did a search and it wasn't there either. I am running Windows XP, can anyone help?

Right now my temp solution is doing the "2. Using regedit, remove registry-key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iexplorer.exe."

Thanks!
 
Ad-Aware is barely useful for removing syware / adware... let alone viruses. Personally, I use Panda at home and I've never had an issue with viruses or spyware. If you're putting your trust in Ad-Aware, then that trust has been seriously misplaced. This alone would suggest that you do NOT know what you're talking about.

I'm sorry, but if you want to be taken seriously, you're going to have to cut the insults. If you can't post an opinion without personally attacking someone that disagrees with you... you're going to have a very short posting career in this forum.

You're free to reload your computer every 6 months or more if that's what you think is necessary... however, the rest of us will continue to actually use our computers instead of reloading them at the drop of a hat. Some of us actually know how to do something beyond a couple of scans with Ad-Aware.
 
And the virus u are referring to, isn't the exact same virus were talking about here i think, it misses some files and it says nothing about the modification is makes with the ieexplorer.exe file, and to let it come back after
removal.
Click to expand...

I suggest you actually read the entire description... because it makes you look like less of an ass when you try to disagree with me:

so that klomp.exe is injected into the execution sequence of iexplore.exe by being installed as its default debugger
Click to expand...

You'd also know (if you bothered to actually look and read, once again) that it mentions every single registry modification that allows the infection to reoccur even after the original files have been deleted. It is necessary to delete all of the registry entries in order to completely disinfect the computer. This is something any decent antivirus will be able to do. In other words, not Ad-Aware.



 


Okay about the ieexplorer.exe thing your right.

But the **** about ad-aware is totally misplaced, because i just had 14 files infected by a worm and 10 files infected by a trojan removed by ad-aware, so saying ad-aware can't be thrusted is bull****.

And im not trying to make u look like an ass but your saying things that are misplaced and arent right, so yeah i let you of it.

And the insult of "Some of us actually know how to do something beyond a couple of scans with Ad-Aware" now you are up too let me look like an ass, i posted a few comments before where i allready stated that i aren't a n00b too and can figure things out manually myself.

The fact why i respond like this is because of u dumb asses to come back every time and say it CAN be removed when people post everyday the message they cant remove the virus, so im just letting you know about the fact.

And the computer cleanup every 6 months won't say I DO THAT EVERY SIX MONTHS, but i was just referring about what microsoft is recommending.

So go cry about it if you think i want to look u like an ass, eventually u allready did that for yourself, so why would I bother.
 
I can assure you that it can be removed, I was infected at the start of Jan, been clean now for 4 weeks... similar steps to those above...

As for "ad-aware 2008, best anti virus i used ever" that kind of explains why you couldnt clean it... ad-aware is not anti-virus software, it removed ad-ware... which is completly different.

Reinstalls really are a last resort, as for reinstalling every 6 months? I dont know who you are quoting but the last time I heard similar advice it was regarding windows 98... and it was bad advice then! windows has come along way in the last 10 yesrs, if you are carefull and learn how to maintain your installation properly there is no reason to re-install so frequently.


If you are infected, All I can say is that following the tips above will get you sorted, keep with it, reinstall if you *have to* but you certinally dont need to for this!
Click to expand...

Yeh i now it says: ad-aware. but out of my experiences it also removes, virusses, like trojans and worms, so the name doens't state it's only removing adware.
Do u actually have used the program or do u just telling me this because the name is ad-aware ???
 
Once again demonstrating your astounding reading skills. I stated that YOU are making YOURSELF look like an ass, not me. I actually know what I'm talking about... and you keep proving to the rest of us that you don't.

I have used Ad-Aware. I found it to be woefully inadequate in removing what it was designed to remove: spyware and adware. It was never designed to remove viruses. A trojan horse is NOT a virus and neither is a worm. They can exhibit virus-like behaviour, but they are not viruses. If you want to remove malware permanently, an antivirus of some sort is necessary. Ad-Aware won't do a damn thing against this particular infection and you suggesting that it's good at removing everything really isn't doing anything to support your position. People that report they haven't had any luck removing this infection obviously haven't followed all the steps necessary to remove it. Delete ALL the FILES, all the REGISTRY entries and scan the computer with an actual ANTIVIRUS program. That is unless your antivirus program manages to clean if off completely. (Which any decent antivirus will)
 


Sure dude the only way i dont understand u is because the way u are typing.

If you think this is the option fine.

But i allready KNOW WHAT TO DO TO REMOVE A VIRUS, i dont have to hear it from u, fine if u think ad-aware cleans nothing, strange my PC runs fine with all the downloading and scanning with ad-aware.

But hey, u are the one who knows it best right.

I'm not gonna discuss anything more of this with u, the only thing i see on my screen is cry baby bull**** !!!

 
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom